This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/fe71b6-6aaa-4bd4-8661-6998ab7edf7a/1/utX8EvzxjtNKF1hFOEPAnrUCzm8.roa File: utX8EvzxjtNKF1hFOEPAnrUCzm8.roa (raw, json) Hash identifier: klBKnxuMcoS0m9Xk0/1QlfvOXmiMTMvpWtNw0ziiP1Q= Subject key identifier: BA:D5:FC:12:FC:F1:8E:D3:4A:17:58:45:38:43:C0:9E:B5:02:CE:6F Certificate issuer: /CN=705526f9ab0dd276823fc1f0ebaa1de63b7d656c Certificate serial: 019B7E390E4684994E1DC4F8273E50B49586 Authority key identifier: 70:55:26:F9:AB:0D:D2:76:82:3F:C1:F0:EB:AA:1D:E6:3B:7D:65:6C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFUm-asN0naCP8Hw66od5jt9ZWw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/fe71b6-6aaa-4bd4-8661-6998ab7edf7a/1/utX8EvzxjtNKF1hFOEPAnrUCzm8.roa Signing time: Fri 02 Jan 2026 10:20:26 +0000 ROA not before: Fri 02 Jan 2026 10:20:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210129 IP address blocks: 185.94.132.0/22 maxlen: 22 185.227.120.0/22 maxlen: 22 2a0d:52c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/fe71b6-6aaa-4bd4-8661-6998ab7edf7a/1/cFUm-asN0naCP8Hw66od5jt9ZWw.crl rsync://rpki.ripe.net/repository/DEFAULT/32/fe71b6-6aaa-4bd4-8661-6998ab7edf7a/1/cFUm-asN0naCP8Hw66od5jt9ZWw.mft rsync://rpki.ripe.net/repository/DEFAULT/cFUm-asN0naCP8Hw66od5jt9ZWw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:0e:46:84:99:4e:1d:c4:f8:27:3e:50:b4:95:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=705526f9ab0dd276823fc1f0ebaa1de63b7d656c Validity Not Before: Jan 2 10:20:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bad5fc12fcf18ed34a1758453843c09eb502ce6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:21:4c:3e:68:b9:3a:25:c7:71:43:9e:f7:c5: a7:86:f1:ad:75:56:30:f5:ad:51:13:e6:41:41:4d: e5:5e:4e:dc:08:d3:2c:9f:fc:0f:05:30:5c:59:bc: 24:d0:71:82:6e:3b:9b:50:37:72:07:13:75:3a:f6: b1:ec:9e:10:f6:70:15:01:3e:24:29:3f:96:01:eb: 7c:85:c8:55:7d:a9:31:6b:7d:94:5e:00:47:b4:b4: 74:63:ba:78:10:0d:6a:97:59:04:62:c3:ab:49:40: d1:ff:f0:47:f8:ae:d5:ae:f8:e7:03:40:e9:f2:f9: 43:6a:62:00:71:71:1b:e8:66:f9:43:16:72:54:88: ec:16:15:ba:0a:89:30:7b:c4:67:e7:41:68:b4:4e: 69:bf:8c:50:84:6d:4a:85:15:cd:be:a5:08:77:05: 37:a7:60:9a:cc:3c:75:27:59:1e:c5:0f:6d:92:a1: 63:d6:08:56:4c:9c:b7:e2:1c:7b:2c:4c:ed:c5:77: d0:5f:d8:84:57:f3:24:8d:d5:8f:57:40:8e:23:c9: cd:5d:77:a1:9e:47:2a:c0:f7:2e:00:57:dd:33:49: 00:37:7f:19:96:f2:a6:9c:40:32:5d:92:fa:26:21: b5:de:14:3d:34:b0:f0:d0:b9:e7:16:5a:72:d9:5a: 75:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:D5:FC:12:FC:F1:8E:D3:4A:17:58:45:38:43:C0:9E:B5:02:CE:6F X509v3 Authority Key Identifier: keyid:70:55:26:F9:AB:0D:D2:76:82:3F:C1:F0:EB:AA:1D:E6:3B:7D:65:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFUm-asN0naCP8Hw66od5jt9ZWw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fe71b6-6aaa-4bd4-8661-6998ab7edf7a/1/utX8EvzxjtNKF1hFOEPAnrUCzm8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fe71b6-6aaa-4bd4-8661-6998ab7edf7a/1/cFUm-asN0naCP8Hw66od5jt9ZWw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.94.132.0/22 185.227.120.0/22 IPv6: 2a0d:52c0::/29 Signature Algorithm: sha256WithRSAEncryption 5a:02:12:11:e4:8d:36:7d:84:85:ed:1a:5a:59:55:3f:6d:0b: 1a:4c:54:8e:d2:bf:be:c5:bd:6a:98:2a:ab:55:8d:2e:8d:67: f2:7b:2a:72:bf:c1:69:6d:76:6c:2c:61:c4:79:f4:27:70:b6: 9f:f4:3d:0e:25:70:d3:3a:bb:72:3e:85:f2:a9:24:e5:9c:7f: ee:cd:1d:39:a4:2e:5a:8c:40:cd:40:3f:b1:15:6d:cf:86:d6: 96:de:cf:9b:02:d1:8b:1c:d8:f9:bd:b0:ae:d6:7b:b8:1c:96: bf:81:e6:26:c5:95:e2:23:34:af:ed:c7:73:32:8c:1f:a4:18: 4f:c5:54:81:f3:1d:4e:bb:63:10:b0:44:fe:31:34:cd:02:12: 73:28:f9:99:b8:70:19:1f:00:b0:ee:06:46:b2:5a:40:ea:00: 87:48:1c:46:c7:8b:cd:9b:f1:2e:ff:8f:39:81:21:20:14:d9: c6:5c:d9:62:d5:0a:96:11:ca:c1:3a:2d:32:c8:5a:51:01:d1: 78:a6:f2:a5:3b:29:fe:d7:e4:56:f8:3b:00:ef:e9:53:e7:dd: 3e:91:fc:1c:8f:a1:f7:66:04:87:0f:59:6a:ce:d8:b4:a6:2e: 33:0b:d3:37:03:2f:d3:7c:60:03:26:3b:89:19:6f:b5:28:f7: b3:6a:c0:38 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+OQ5GhJlOHcT4Jz5QtJWGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwNTUyNmY5YWIwZGQyNzY4MjNmYzFmMGViYWExZGU2M2I3 ZDY1NmMwHhcNMjYwMTAyMTAyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYWQ1ZmMxMmZjZjE4ZWQzNGExNzU4NDUzODQzYzA5ZWI1MDJjZTZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CFMPmi5OiXHcUOe98WnhvGtdVYw 9a1RE+ZBQU3lXk7cCNMsn/wPBTBcWbwk0HGCbjubUDdyBxN1Ovax7J4Q9nAVAT4k KT+WAet8hchVfakxa32UXgBHtLR0Y7p4EA1ql1kEYsOrSUDR//BH+K7VrvjnA0Dp 8vlDamIAcXEb6Gb5QxZyVIjsFhW6Cokwe8Rn50FotE5pv4xQhG1KhRXNvqUIdwU3 p2CazDx1J1kexQ9tkqFj1ghWTJy34hx7LEztxXfQX9iEV/MkjdWPV0COI8nNXXeh nkcqwPcuAFfdM0kAN38ZlvKmnEAyXZL6JiG13hQ9NLDw0LnnFlpy2Vp1vQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLrV/BL88Y7TShdYRThDwJ61As5vMB8GA1UdIwQY MBaAFHBVJvmrDdJ2gj/B8OuqHeY7fWVsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0ZVbS1hc04wbmFDUDhIdzY2b2Q1anQ5Wld3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mZTcxYjYtNmFhYS00YmQ0LTg2NjEt Njk5OGFiN2VkZjdhLzEvdXRYOEV2enhqdE5LRjFoRk9FUEFuclVDem04LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9mZTcxYjYtNmFhYS00YmQ0LTg2NjEtNjk5OGFiN2VkZjdh LzEvY0ZVbS1hc04wbmFDUDhIdzY2b2Q1anQ5Wld3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuV6EAwQC ueN4MA0EAgACMAcDBQMqDVLAMA0GCSqGSIb3DQEBCwUAA4IBAQBaAhIR5I02fYSF 7RpaWVU/bQsaTFSO0r++xb1qmCqrVY0ujWfyeypyv8FpbXZsLGHEefQncLaf9D0O JXDTOrtyPoXyqSTlnH/uzR05pC5ajEDNQD+xFW3PhtaW3s+bAtGLHNj5vbCu1nu4 HJa/geYmxZXiIzSv7cdzMowfpBhPxVSB8x1Ou2MQsET+MTTNAhJzKPmZuHAZHwCw 7gZGslpA6gCHSBxGx4vNm/Eu/485gSEgFNnGXNli1QqWEcrBOi0yyFpRAdF4pvKl Oyn+1+RW+DsA7+lT590+kfwcj6H3ZgSHD1lqzti0pi4zC9M3Ay/TfGADJjuJGW+1 KPezasA4 -----END CERTIFICATE-----Generated at Sun Jan 25 21:06:50 2026 by rpki-client